Here are my initial ideas about supporting cookies. Note that I&#39;m using Chrome for ideas since it&#39;s open source.<div><ul><li>Network/HTTP/Conduit/Cookies.hs file</li><li>Exporting the following symbols:</li><ul><li>

type StuffedCookie = SetCookie</li><ul><li>A regular SetCookie can have Nothing for its Domain and Path attributes. A StuffedCookie has to have these fields set.</li></ul><li>type CookieJar = [StuffedCookie]</li><ul><li>
Chrome&#39;s cookie jar is implemented as (the C++ equivalent of) Map W.Ascii StuffedCookie. The key is the &quot;eTLD+1&quot; of the domain, so lookups for all cookies for a given domain are fast.</li>
<li>I think I&#39;ll stay with just a list of StuffedCookies just to keep it simple. Perhaps a later revision can implement the faster map.</li></ul><li>getRelevantCookies :: Request m -&gt; CookieJar -&gt; UTCTime -&gt; (CookieJar, Cookies)</li>

<ul><li>Gets all the cookies from the cookie jar that should be set for the given Request.</li><li>The time argument is whatever &quot;now&quot; is (it&#39;s pulled out of the function so the function can remain pure and easily testable)</li>

<ul><li>Insert cookies from a server response into the cookie jar.</li><li>The first argument is only used for checking to see which cookies are valid (which cookies match the requested domain, etc, so <a href="http://site1.com">site1.com</a> can&#39;t set a cookie for <a href="http://site2.com">site2.com</a>)</li>

</ul><li>stuffCookie :: Request m -&gt; SetCookie -&gt; StuffedCookie</li><ul><li>If the SetCookie&#39;s fields are Nothing, fill them in given the Request from which it originated</li></ul><li>getCookies :: Response a -&gt; ([SetCookie], Response a)</li>

<ul><li>Pull cookies out of a server response. Return the response with the Set-Cookie headers filtered out</li></ul><li>putCookies :: Request a -&gt; Cookies -&gt; Request a</li><ul><li>A wrapper around renderCookies. Inserts some cookies into a request.</li>

<li>Doesn&#39;t overwrite cookies that are already set in the request</li></ul></ul><li>These functions will be exported from Network.HTTP.Conduit as well, so callers can use them to re-implement redirection chains</li><li>

I won&#39;t implement a cookie filtering function (like what Network.Browser has)</li><ul><li>If you want to have arbitrary handling of cookies, re-implement redirection following. It&#39;s not very difficult if you use the API provided, and the &#39;http&#39; function is open source so you can use that as a reference.</li>

</ul><li>I will implement the functions according to RFC 6265</li><li>I will also need to write the following functions. Should they also be exported?</li><ul><li>canonicalizeDomain :: W.Ascii -&gt; W.Ascii</li><ul><li>turns &quot;..a.b.c..d.com...&quot; to &quot;<a href="http://a.b.c.d.com">a.b.c.d.com</a>&quot;</li>

<ul><li>Does the first domain match against the second domain?</li><li>If so, return the prefix of the first that isn&#39;t in the second</li></ul><li>pathMatches :: W.Ascii -&gt; W.Ascii -&gt; Bool</li><ul><li>Do the paths match?</li>

</ul></ul><li>In order to implement domain matching, I have to have knowledge of the <a href="http://mxr.mozilla.org/mozilla-central/source/netwerk/dns/effective_tld_names.dat">Public Suffix List</a> so I know that <a href="http://sub1.sub2.pvt.k12.wy.us">sub1.sub2.pvt.k12.wy.us</a> can set a cookie for <a href="http://sub2.pvt.k12.wy.us">sub2.pvt.k12.wy.us</a> but not for <a href="http://k12.wy.us">k12.wy.us</a> (because <a href="http://pvt.k12.wy.us">pvt.k12.wy.us</a> is a &quot;suffix&quot;). There are a variety of ways to implement this.</li>

<ul><li>As far as I can tell, Chrome does it by using a script (which a human periodically runs) which parses the list at creates a .cc file that is included in the build.</li><ul><li>I might be wrong about the execution of the script; it might be a build step. If it is a build step, however, it is suspicious that a build target would try to download a file...</li>

</ul><li>Any more elegant ideas?</li></ul></ul>Feedback on any/all of the above would be very helpful before I go off into the weeds on this project.</div><div><br></div><div>Thanks,</div><div>Myles C. Maxfield</div><div>